Win32.worm.dpug

Technical Details Written using the C++ language File Size: 1.6 MB Overview Win32.worm.dpug is a worm that infects Windows PCs running Windows XP and above. Analysis Upon execution, it checks weather it’s installed or not by quering the value of it’s key (“HKCU\Software\Microsoft\Windows\CurrentVersion\Run\gtalkupdate”). If that fails, then it installs itself by copying it’s copy to …

View full post

“Teddy Afro” Worm (Worm.Win32.AutoIt.a)

A computer worm commonly known as “Teddy Afro” (Worm.Win32.AutoIt.a) is currently spreading in Ethiopia. It overwrites word, powerpoint, excel, access, mp3 and mpg files with this message: I am sorry If I corrupted your files, but it had to be done! You can’t get your files back because, I have already ruined them!!! The famous …

View full post

Worm.Win32.AutoIt.a

Technical details Written using the Autoit scripting language. File size of 208767 bytes. Packed by PECompact to decrease size.   Installation Makes copies of itself with the following names once launched: %System%\%randno%\%randno%.exe Creates the following files on an infected computer: %System%\mler.a3x %System%\cper.a3x %System%\dwlr.a3x %System%\clin\ax.log (is copied as autorun.inf on to drives) %Windir%\ss.bat Ensures autorun of …

View full post
Win32.worm.dpug“Teddy Afro” Worm (Worm.Win32.AutoIt.a)Worm.Win32.AutoIt.a